﻿<?php
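/**
 * JSON endpoint returning the logged-in employee's comments for one project.
 *
 * Input:  POST parameter `pid` (the project id) and the session values
 *         `uid` and `type`.
 * Output: a JSON array of the matching `staffcomments` rows, or a JSON
 *         object with an `error` key when no rows match.
 *
 * NOTE(review): this file appears to begin with a UTF-8 byte-order mark
 * before the opening PHP tag. If so, those bytes are sent as output before
 * session_start() runs (which can stop the session cookie header from being
 * sent when output buffering is off) and they also prefix the JSON body.
 * Re-save the file as UTF-8 without BOM.
 */

// Start the session handling system
session_start();

// Connect to the database; the code below uses $db, presumably the PDO
// handle created in db.php - confirm.
require_once("../../../db.php");

// Authorisation gate: require a logged-in session whose type is exactly
// 'employee'. The strict comparison with ?? avoids both an undefined-index
// notice when 'type' is absent and loose-comparison surprises (a non-string
// session value comparing equal to 'employee').
// NOTE(review): the message below says "external user" although the check
// is for employees - confirm which role is intended.
if (!isset($_SESSION['uid']) || ($_SESSION['type'] ?? null) !== 'employee') {
    die('Not logged in as an external user');
}

// json_encode flags that escape <, >, &, ' and " as \uXXXX sequences. The
// decoded values are unchanged for any JSON parser, but stored comment text
// can no longer be read as markup if the response is rendered as HTML.
// NOTE(review): no Content-Type header is set, so the response uses PHP's
// default type. Sending `Content-Type: application/json` would be the
// cleaner fix, but it can change how existing clients auto-parse the
// response, so it is only flagged here.
$jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

// Error text is Norwegian for "You have no notes for this project".
$noNotes = array('error' => 'Du har ingen notater til dette prosjektet');

// The project id comes straight from the client. A missing or non-scalar
// value (for example pid[]=1) cannot match a row, so answer with the same
// "no notes" response without passing it to the driver.
$projectId = $_POST['pid'] ?? null;
if (!is_scalar($projectId)) {
    echo json_encode($noNotes, $jsonFlags);
    exit;
}

// Both values are bound as parameters, never interpolated into the SQL.
// Filtering on the session uid limits the result to the caller's own rows.
// NOTE(review): SELECT * exposes every column of staffcomments to the
// client; list the needed columns explicitly if any are internal.
$sql = 'SELECT * FROM staffcomments WHERE uid=? AND projectid=?';
$sth = $db->prepare($sql);
$sth->execute(array($_SESSION['uid'], $projectId));
$rows = $sth->fetchAll();

// An empty result set is falsy, so it falls through to the error object.
echo json_encode($rows ? $rows : $noNotes, $jsonFlags);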